Traditionally, application software use license verification systems for controlling use of application software and other protected content employing a key or key-pair that is generated and, at some point, used in protocols whose purpose is typically, but not exclusively, to verify ownership of a software or content license.
These key-based systems are frequently compromised by illegal key generator software applications produced by software crackers. Frequently referred to as “key-gens,” these programs are capable of mimicking the methods used to create license keys. These illegal keys can then be supplied to the application during product activation resulting in theft of the software license.
Traditionally, illegal “key-gen” applications typically rely on analyzing an installation key (i.e. product key) that is either entered manually or scraped from the system. The installation key is analyzed and a correctly paired activation key is generated. These applications are dependent on reproducing the methods that a legitimate system uses to produce these key pairs.
A fundamental technological issue when combating these key-gens is that the underlying primary verification methods and protocols are embedded within application source code. Modifying application logic to thwart illegal key-gens (that is, in order to generate new valid key pairs) can take months or potentially years on larger applications.
Because the effort to design and develop new key generation and license verification protocols is greater than the effort and time to reverse engineer them, the hacker community is capable of rapidly compromising these methods and systems, typically within weeks of a new release of software.
Traditional systems are rigid, difficult and time consuming to change. Like an old iron lock that must be re-forged to change the key, once the method to generate the key has been discovered, it takes far too long to address the problem of re-securing the system.
What is needed is a system that can rapidly alter the structure and methods used to generate the keys and re-secure the system at a rate that is equivalent to or better than the rate at which illegal key generators can compromise those structures and methods.
Illustrative embodiments of the present invention address at least the drawbacks associated with conventional system and provide many advantages.